[Snort-users] Bad-Traffic message....

Kretzer, Jason R (Big Sandy) jason.kretzer at ...13486...
Mon May 8 08:49:03 EDT 2006


I get these as well.  Mine come from a networked Dell printer that is
communicating with itself.  Strange, I know but it happens.  Try
entering the IP into a web browser and see if the printer interface
comes up.

-Jason
 

> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net 
> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of 
> Jeffery Gunter
> Sent: Monday, May 08, 2006 11:33 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Bad-Traffic message....
> Importance: Low
> 
> Does anyone know how I can find out what this is and why?  I'm getting
> about 30 messages a day on it and I can't figure out where it's coming
> from.
> 
> Jeffery Gunter  |  Chief Information Officer  |  Citizens Bank of East
> Tennessee  |  http://www.cbetn.com
> email:  jgunter at ...13738...
> Land:  423-272-2200  x17
> Cell:  423-754-5157
> Fax:  423-272-2322
> -----Original Message-----
> From: IDS [mailto:SNORT] 
> Sent: Monday, May 08, 2006 11:30 AM
> To: Jeffery Gunter; 4237545157 at ...10251...
> Subject: 
> Importance: Low
> 
> IDS:S=snort:ID=1:[1:527:8] BAD-TRAFFIC same SRC/DST [Classification:
> Potentially Bad Traffic] [Priority: 2]: {UDP} 10.51.215.100:1378 ->
> 10.51.215.100:3069 
> :IDS:S=snort:ID=1:[1:527:8] BAD-TRAFFIC same SRC/DST [Classification:
> Potentially Bad Traffic] [Priority: 2]: {UDP} 10.51.215.100:1378 ->
> 10.51.215.100:3069 
> :IDS:S=snort:ID=1:[1:527:8] BAD-TRAFFIC same SRC/DST [Classification:
> Potentially Bad Traffic] [Priority: 2]: {UDP} 10.51.215.100:1378 ->
> 10.51.215.100:3069 
> :
> 
> This e-mail was scanned for viruses.
> 
> 
> -------------------------------------------------------
> Using Tomcat but need to do more? Need to support web 
> services, security?
> Get stuff done quickly with pre-integrated technology to make 
> your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on 
> Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=k&kid0709&bid&3057&dat1642
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=ort-users
> 




More information about the Snort-users mailing list